5f28ae75ea
To minimize the potential for irrecoverable errors, only atomic writes to the ESP are performed. This is implemented by first copying the file to the destination with a `.tmp` suffix and then renaming it to the final desintation. This is atomic because the rename operation is atomic on POSIX platforms. Specifically, this means that even if the system crashes during the operation, the final desintation path will most likely be intact if it exists at all. There are some nuances to this however. It **cannot** be actually guaranteed that the operation was performed on the filesystem level. However, this is the best we can do for now. For reference: - POSIX rename(2): https://pubs.opengroup.org/onlinepubs/9699919799/ - Rust fs::rename corresponds to rename(2) on Unix: https://doc.rust-lang.org/std/fs/fn.rename.html - Rust fs::rename is implemented using libc's rename: https://github.com/rust-lang/rust/blob/master/library/std/src/sys/unix/fs.rs#L1397 - Renaming in libc is atomic: https://www.gnu.org/software/libc/manual/html_node/Renaming-Files.html |
||
|---|---|---|
| .. | ||
| src | ||
| tests | ||
| Cargo.lock | ||
| Cargo.toml | ||